[PHP] Paths and ImageCreate(), GetImageSize()...
I'm having a hard time figuring out exactly how paths should be listed when pointing to files using the ImageCreate(), ImageCopyResized(), etc. commands. My images are in a sub-folder called img, and my script is in another sub-folder called scripts (at the same level as img). It appears that GetImageSize() only works for me when I put the full URL in front of the file name like this... GetImageSize(http://www.mysite.com/img/photo.jpg;) Is that the only way for this to work? The following variations all produce an error saying it can't file the file photo.jpg: GetImageSize(../img/photo.jpg) GetImageSize(/img/photo.jpg) GetImageSize(img/photo.jpg) At least GetImageSize() works with a URL. I can't say the same for any of the ImageCreate() functions, which when used with all of the above path variations including the URL, produce an error stating it can't locate the photo.jpg file. Permissions for the img folder are set to 777, and I can load the file using IMG SRC=/img/photo.jpg with no problems. Why can't I get these functions to find the file using the same path? Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Trying to post
I've been trying to post to this newsgroup, but have had problems. If this works, I guess the problem has gone away on its own. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Auto-Pagination of Content from DB
I'm not sure the best way to auto-paginated long articles that will be stored in a MySQL database. I tried searching a few sites for sample code but couldn't really find anything, which is why I'm asking here. An idea I had was to split the content into an array called page and then just access each page with echo $page[2]; My only concern is any potential overhead if the articles are long (maybe about 10-15 pages). Also, would the best way to split the content into pages be to use one of the string parsing commands that looks for the next \n\n (a new paragraph)? I'm new to PHP, so, not sure yet which command would be the best for this. Any advice or pointers on how to best do this is appreciated! Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Parsing Custom Codes Embedded in DB Text
Hi Everyone, I'm new to PHP, and am learning a lot by reading posts here and two PHP books I'm going to be writing some content management scripts, and one thing I want to do is allow writers to embed some simple codes in their text such as: [LINK=http://wwwmysitecom]Click here for info[/LINK] which, when pulled from the database (MySQL) will be parsed into a valid HTML a href command as follows: a href = http://wwwmysitecom;Click here for info/a First of all, is this a wise thing to do, or will this drastically slow down the script if it has to parse several pages of text? Second, which of the various PHP commands would accomplish this the most efficiently? Is preg_replace() the way to go? I'm also going to have a database table called IMAGES that stores all image files (actually, just the URLs to the images on the server), each of which will be assigned an Article ID number so it can be associated with a particular article stored in the ARTICLE table The IMAGE table will also contain a field called Position where I can indicate the order of the images for a particular article I'd like to enter the following in the text of an article: [IMAGE=1] and have PHP parse this code, grab the image URL from the IMAGE table where the Article ID = the current article being parsed and Position = 1, so it can replace the above code with an img src HTML command as follows: img src=myimagejpg Could this also be accomplished with the preg_replace() command, or is there a better way to tackle this? Sorry for the long question Hope it makes sense Thanks! -- PHP General Mailing List (http://wwwphpnet/) To unsubscribe, visit: http://wwwphpnet/unsubphp
[PHP] preg_replace() ??
Is preg_replace() the best PHP command to use for parsing custom codes in text retrieved from a database (eg, turning [link= ] into a href= )? -- PHP General Mailing List (http://wwwphpnet/) To unsubscribe, visit: http://wwwphpnet/unsubphp
[PHP] Re: Does anybody have code for this?
Maybe try looking into the crypt() or md5() functions on php.net. These will encrypt a string more than scramble, but maybe one of these serves the purpose. From: [EMAIL PROTECTED] (Leif K-Brooks) Newsgroups: php.general Date: Fri, 01 Mar 2002 02:30:04 -0500 To: [EMAIL PROTECTED] Subject: Does anybody have code for this? I'm looking for two functions. One to scramble a string, and one to check if one string is a scrambled version of another. Does anybody have these? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Does anybody have code for this?
Explain what you mean by scramble and what you are trying to accomplish? There isn't a built-in function for this that I've seen, so, you'll have to write your own function using various PHP commands. This function might be useful to that end: http://www.php.net/manual/en/function.levenshtein.php From: [EMAIL PROTECTED] (Leif K-Brooks) Newsgroups: php.general Date: Fri, 01 Mar 2002 02:50:09 -0500 To: [EMAIL PROTECTED] Subject: Re: [PHP] Re: Does anybody have code for this? on 3/1/02 2:43 AM, Monty at [EMAIL PROTECTED] wrote: Maybe try looking into the crypt() or md5() functions on php.net. These will encrypt a string more than scramble, but maybe one of these serves the purpose. No, that isn't what I'm looking for. It's not for encryption. I just need a function that scrambles a string. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: create a file
Start here... http://www.php.net/manual/en/function.fwrite.php From: [EMAIL PROTECTED] (Thomas Franz) Newsgroups: php.general Date: Fri, 1 Mar 2002 08:55:25 +0100 To: [EMAIL PROTECTED] Subject: create a file good morning, i want to create a new file and save it in the current dir. I look in the manual but only i found how to create a dir. Thanks for help. Thomas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Best Content Management METHOD...
I'm setting up a simple content-management system for a webzine. I'm not sure which method would be the most efficient: 1) Put all content in a database and dynamically flow content into a few different article template files. Or... 2) Build the content as actual pages with dynamic elements for menus, and store only basic info about each article in CMS database (such as title, publish date, writer, keywords, etc.). Option 1 would make it very easy to modify the look of all articles, but, I'm concerned that using just a few templates for all articles would slow down the site if lots of people are simultaneously accessing articles. The site gets about 750,000 page views per month, so, while it's no Yahoo, it does get a decent amount of traffic. Option 2, on the other hand, would remove the load from just a few templates by setting up actual pages for each article, but, it won't be as easy to make site-wide design changes this way, and I won't be able to do some things like automatically paginating longer articles over several pages. Anyone have any input or words of wisdom they can offer on the best method for setting up a content management system? Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Breaking Dynamic Content into Pages...
I'm trying to determine the best way to break dynamic content into pages before flowing into a template (with 1|2|3 type paging icons at the bottom of the page). I considered using a user-defined type code like [pagebreak] that would allow content contributors to determine the page breaks themselves when entering the article into the database. A parsing function would grab the chunk of text/html between the appropriate [pagebreak] codes for each page. But this just doesn't seem a very elegant solution. Anyone know of a better way to do this? Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Loading dynamic pages based on URL
Articles for an online magazine will use one template and load content dynamically from a MySQL database. Assets and images for each article will be stored in their own folder: e.g., www.mysite.com/topic/article Even though a physical HTML page will not exist at www.mysite.com/topic/article, is there a way to load the appropriate articles in the template without actually specifying a physical page name if soemone types that URL into their browser? I'd prefer to send people to www.mysite.com/topic/article instead of www.mysite.com/topic/article/template.php?id=39403848 I realize this may be more of an Apache issue than PHP, but, thought I'd see if anyone here has dealt with something similar. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RegExp Help: [:cntrl:] not working
I'm trying to preg_split() text between page. I used the following but can't get the regular expression to work: $content = blah blah page blah blah blah; $paged = preg_split( [[:cntrl:]*]page[[:cntrl:]*], $content ); I also tried the following... $content = blah blah page blah blah blah; $paged = preg_split( [:cntrl:]page[:cntrl:], $content ); ...and... $content = blah blah page blah blah blah; $paged = preg_split( [[:cntrl:]]page[[:cntrl:]], $content ); But none of these work. Can someone tell me what's wrong? I just want to split the text on page and include any line feeds that may have been put in before or after the page text. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RegExp Help: [:cntrl:] not working
The * needs to be after the character class, ie [[:cntrl:]]*. --Dan Thanks Dan. But, removing the asterisk or putting it after the character class doesn't work either for some reason. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RegExp Help: [:cntrl:] not working
Have you tried [[:space:]]* instead? That'll pull in line breaks, tabs and spaces. --Dan I just tried it, but, still can't make this work. Also, I'm getting different results between explode() and preg_split(), is that normal? Here's what I'm trying: $content = blah blah page_break blah blah blah blah; $contentpage = preg_split([[:space:]]*page_break[[:space:]]*, $content); But I just get a PHP error: Warning: Unknown modifier '*' in testme.php If I try this: $content = blah blah page_break blah blah blah blah; $contentpage = preg_split([[:space:]]page_break[[:space:]], $content); I get this PHP error: Warning: Unknown modifier 'p' in testme.php I'm not sure what I'm doing wrong with the reg exp, but, it won't even parse. Both expressions above used with explode() only produce empty array variables, as though it's stripping out everything. What am I doing wrong? Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] RegExp Help: [:cntrl:] not working
Yes! That was it! Thank you so much. I actually thought preg and ereg were interchangeable, so, I'm glad you pointed out the difference for reg expressions. Can you tell me what the open and closing slashes / are for inside the quotes? Is it equivalent to [ and ] for ereg? Monty DOH! It's preg!!! [[:space:]] is for ereg. Use \s. I don't know why I didn't notice sooner. Do this: '/\s*page_break\s*/' --Dan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP/MySQL -- Date/Time Confusion
Which method is the best way to store date/time in MySQL and then which PHP command is the best to use to convert that date to something useful? I'm having a difficult time figuring out how to reconcile the date in MySQL so it works with PHP's various date commands, like getdate(). Any suggestions? I'll mostly need to compared dates/times of different records and then extract parts of the date for displaying on the screen. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Newbie Question on Efficiency
If you have have a large number of functions, it might be better to separate them into a few files that you can include as needed. I use one file that contains functions needed by every page. I have a few other files that contain functions that aren't needed by every page, so, I include them only on pages that need them. But most functions go in the main include file used on every page. Separating them will also minimize some overhead if you have a lot of functions. Otherwise, if your include files aren't War Peace in length, one include file is fine. [EMAIL PROTECTED] 07/16/02 04:59PM Hello everyone, I'm a newbie and have a question on style that I've not seen addressed anywhere. I have a large number of frequently used functions that I'm trying to find a good way to organize. The method I'm thinking of using is to simply create a .php file called, for example, functions.php. Then, just include the file at the top of each page that needs any of the functions, and just call them as needed. My question is this- if that file gets very large with tons of different functions, is that an inefficient method? I'm not entirely clear on how PHP is parsed and passed to the client. I assume it would be best to divide up the functions into multiple files (ex. dbfunctions.php, etc.), but is that still the best method? Basically, I'm just curious on how you guys handle things like this. Thanks in advance. Michael Kennedy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Includes vs. Functions
I generally prefer to include various blocks of code in templates using include_once() rather than load a functions library and make calls to those functions within the script. Is there a big difference in efficiency and speed of includes vs. custom functions? I like includes because it's easier to drop blocks of code in a page design without disrupting the design of the page very much. Thanks, Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: sorting and searching an Array
This would be MUCH MUCH easier to do if this data were in a database instead of a flat file. But, to accomplish this you need to write some code using the various array functions in PHP, such as asort() and explode(), and structures such as for() and each() to eliminate the array rows that don't match your criteria. PHP and MySQL Web Development by Luke Welling and Laura Thomson is a great book for learning PHP (it's what I used). There's not a whole chapter on file functions in PHP, but, there is enough info in there to do all the basic functions you would need to accomplish this task. Monty From: [EMAIL PROTECTED] Reply-To: Richard Kurth [EMAIL PROTECTED] Newsgroups: php.general Date: Wed, 17 Jul 2002 12:52:00 -0700 To: php-general [EMAIL PROTECTED] Subject: sorting and searching an Array After I read this file into an array (small sample of file below) I need to sorted it by the name at the end of each line and then echo out only the ones that the name equals the name in a search variable. Also could somebody recommend a PHP book that covers a lot of info on working with text files. It seams to be very little info in any of the boos I have now. It is sort of skipped over a lot [EMAIL PROTECTED] mrgouldian [EMAIL PROTECTED] myname [EMAIL PROTECTED] mrgouldian [EMAIL PROTECTED] mrgouldian [EMAIL PROTECTED] myname [EMAIL PROTECTED] mrgouldian [EMAIL PROTECTED] myname [EMAIL PROTECTED] myname [EMAIL PROTECTED] mrgouldian [EMAIL PROTECTED] myname -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Includes vs. Functions
Chris, thanks for describing your method. The reason I really dislike
Functions in PHP is because you have to pass every variable needed by a
function, even if that variable is global in the main script, which is a
pain in the ass when a function needs a long string of variables. It makes
it easier to forget a variable in the list and can make the code look messy.
So, that's why I prefer includes, because the code is operating on the same
level as the main script and can easily use variables set locally without
making them global.
I'll use a function if it only needs one or two variables passed to it, but,
I find myself using more Includes than Functions because of the variable
passing necessary.
Tom
From: [EMAIL PROTECTED] (Chris Crane)
Organization: Inxdesign.com
Reply-To: Chris Crane [EMAIL PROTECTED]
Newsgroups: php.general
Date: Wed, 17 Jul 2002 17:05:59 -0400
To: [EMAIL PROTECTED]
Subject: Re: Includes vs. Functions
I am not sure about efficiency, myself and I often ask this without much if
anything at all for a response. However, I am the opposite of you, in that I
prefer to create a library file containing all the functions. To make
developing the page in something like Dreamweaver or Frontpage easier, I
global all the variables of a given function, like say Function
StockQuote($sym) { }. They I include the library file in my PHP
webpage.Something like this...
html
head
~blah
/head
body
?PHP include(filepath/filename); StockQuote($sym); ?
various html
~blah
~blah
?PHP print $Stock_LastPrice; ?
~blah
~blah
/body
/html
In the library file, I global the variables;
function StockQuote($sym) {
global $Stock_LastPrice, $Stock_Position;
get the data...
do something with the data...
$Stock_LastPrice = This minus that blah blah;
}
I can use this variable anywhere I would like and it is very WYSIWYG
friendly.
I am not sure how efficient it is though as I mentioned above.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Loading a File into Variable - How??
I thought this would be fairly easy, but, I can't figure out how to load the
contents of a file into a variable so I can output it later.
The file to be loaded is in my include_path on the server and does contain
some HTML.
file_get_contents() is exactly what I need, but, it only works on a CVS
version of PHP, whatever that is.
I also tried the following function:
function file_get_contents($filename) {
$fd = fopen ($filename, r, 1);
$contents = fread($fd, filesize($filename));
fclose($fd);
return $contents;
}
But it returns nothing. If I use readfile() the file contents is displayed,
but, what I really want to do is store it in a string variable, not output
it directly. How can I do this?
Thanks,
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Loading a File into Variable - How??
Look 4 implode() in the function list Implode isn't really what I need, I just want to load an entire file into a single string variable. However, I figured out the problem shortly after posting that first message (of course). Because the file being opened is in the include_path, it seems filesize() doesn't see those files. So, if I replace the filesize($filename) command with a hard-coded number, it works. Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Loading a File into Variable - How??
Andre, here's the function that worked for me...
function file_get_contents($filename) {
$fd = fopen($filename, r, 1);
$contents = fread($fd, 12000);
fclose($fd);
return $contents;
}
$page_string = file_get_contents(my_file.php);
The third parameter in fopen() [1] can be removed if you don't want to look
for files in your include_path. The second parameter in fread() [12000] is
where I hardcoded the filesize. Increase that number if you'll be opening
larger files.
Originally I had 12000 replaced with filesize($filename) but if the
$filename was opened from the include_path, this seems to always return
zero, which is why I hardcoded the byte size into fread().
Monty
From: [EMAIL PROTECTED] (Andre Dubuc)
Reply-To: [EMAIL PROTECTED]
Newsgroups: php.general
Date: Thu, 18 Jul 2002 17:45:14 -0400
To: Monty [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Loading a File into Variable - How??
Hi Monty,
I've been trying to do the same thing with no success. Would you be so kind
as to show me how you finally did it? I'm not too clear what you meant by:
So, if I replace the filesize($filename) command with a hard-coded number,
it works.
Tia,
Andre
On Thursday 18 July 2002 04:28 pm, you wrote:
I just want to load an entire file into a
single string variable.
However, I figured out the problem shortly after posting that first message
(of course). Because the file being opened is in the include_path, it seems
filesize() doesn't see those files. So, if I replace the
filesize($filename) command with a hard-coded number, it works.
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Loading a File into Variable - How??
Hi Rasmus,
file_gets_contents() doesn't work in my version of PHP (4.2.1). It says not
a valid function or something like that. Also, I discovered that the
filesize() function won't work on files fopened from the include_path. It
returns a value of zero, so, I had to hardcode the bytes into the fread().
From: [EMAIL PROTECTED] (Rasmus Lerdorf)
Newsgroups: php.general
Date: Thu, 18 Jul 2002 15:14:13 -0700 (PDT)
To: Analysis Solutions [EMAIL PROTECTED]
Cc: PHP List [EMAIL PROTECTED]
Subject: Re: [PHP] Loading a File into Variable - How??
In 4.3 you would use file_get_contents()
In prior versions I would suggest:
$fp = fopen('filename','r');
$string = fread($fp, filesize('filename'));
fclose($fp);
The implode(file()) stuff is very memory-inefficient.
-Rasmus
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Passing variables to page via POST - How?
This is probably more of an HTML question... Is there a way to pass variables to another page via POST instead of via the URL? I need to pass several variables, one that is an array and another that is a fairly long string, so, I can't really do this via the URL. My initial idea was to just create a very simple form that only has hidden fields with the data I want to pass, along with an image Submit button that would call the page and pass the hidden field variables. Is that the only/best way to accomplish this? Thanks. Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: modify an element of a HTML tag within a string
Okay, this is just very general info to help point you in the right direction, but, here are some functions you'll probably need to accomplish this: * Regular Expressions * pregi() and/or eregi() * explode() and implode() * str_replace() Regular expressions will probably be the most important part of doing what you need to do. If you don't already know how they work, they are hard to grasp at first, but, very useful once you understand their purpose. Monty From: [EMAIL PROTECTED] (Justin French) Newsgroups: php.general Date: Fri, 19 Jul 2002 13:50:08 +1000 To: php [EMAIL PROTECTED] Subject: modify an element of a HTML tag within a string Hi all, I've asked simular questions before, but I think I'm finally asking the *right* question to get the right answer. I'm look for some suggestions on the best method of parsing a HTML document (or part thereof), with the view of CAPTURING and MODIFYING a specific element of a specific tag. something like: 1. look for a given tag eg DIV 2. capture the tag (everything from 'DIV' up to the '') 3. look for a given attribute (eg ID=foo, ID=foo, ID='foo' -- all valid ways) 4. capture it 5. be given the opportunity to manipulate the attribute's value, delete it, etc 6. place captured tag (complete with modifed elements) back into the string in it's original position 7. return to step 1, looking for the next occurence of a DIV tag I really don't know where to start. I REALLY don't expect someone to write this for me, just some guidance would be great -- or maybe some inspiration :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Password in script
The password code will be parsed out by PHP, so, it won't be viewable in the HTML source delivered to the browser. Some advice: set up a user for your database that has the minimal amount of access necessary to perform queries or writing to the database and use that in your scripts. Don't ever use your master MySQL username and password. Monty From: [EMAIL PROTECTED] (Sailom) Newsgroups: php.general Date: Fri, 19 Jul 2002 10:03:02 +0700 To: [EMAIL PROTECTED] Subject: Password in script I am new to PHP and MySQL and never have experience in this area. I am writing a PHP script that connects to MySQL server. I have to put a password of MySQL into the PHP script. I think it may not be secured. What do you think? How can I make it more secure? Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Why won't this work?
Well, first thing I see is that you need to change this:
if ($mode == entrance)
You need the double equal signs for string comparison.
From: [EMAIL PROTECTED] (John Wulff)
Newsgroups: php.general
Date: Fri, 19 Jul 2002 00:25:12 -0700
To: [EMAIL PROTECTED]
Subject: Why won't this work?
Any ideas on why this won't work? It will only include(inc/entrance.php)
It never, no matter what the value of $mode, displays collection.php.
?php
$mode = entrance;
if ($mode = entrance) {
include(inc/entrance.php);
}
else if ($mode = collection) {
include(inc/collection.php);
}
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Getting name of referenced variable into string
Is there a way to get and store the name of a referenced variable into
another variable? Example...
$varname = blah;
checkit($varname);
function checkit($name) {
...code...
}
In the function above, I'd like to find out the name of the referenced
variable (pointed to by $name) which should equal varname so I can store
this string in another variable (i.e., $thename = varname).
Is there a way to do this in PHP??
Thanks.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Faster: Includes or DB Queries??
Is there much of a difference in speed or efficiency between INCLUDEing files in a script or loading data from a database? I'm building a dynamic menu system for a website and not sure if it would be faster to store button data in a DB or just do it with Included files. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] $HTTP_SERVER_VARS not accessible in Functions
I'm trying to access some settings in the $HTTP_SERVER_VARS[] array, but, within a custom function() this array appears empty. In the calling script, however, the $HTTP_SERVER_VARS[] array is defined. I thought this was supposed to be superglobal and available on every level? If not, is there another command I can use? I also tried $_SERVER[] but this appears to be always empty no matter what level I call it on. Thanks. Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Password Generator Script
Can anyone recommend where I could find a decent script that automatically generates passwords? I don't care if they are readable or just random letters, numbers. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: timestamp triggered only on update?
I believe MySQL will only automatically update one TIMESTAMP field per record, according to their online docs. It will update if you don't specify a value when inserting a new record. You can also use the DATETIME field type which stores data as -MM-DD HH:MM:SS. This is what I use because it's easier to read by humans. Date and time are inserted into all DATETIME fields in a record automatically when set to allow NULL. You can then easily convert this to a Unix timestamp easily using the MySQL UNIX_TIMESTAMP() function when doing a query. PHP also has similar date/time conversion commands. I'm not a MySQL expert, so, the above my not be totally accurate, it's based on my own experience. Monty From: [EMAIL PROTECTED] (Ragnar) Organization: na Reply-To: Ragnar [EMAIL PROTECTED] Newsgroups: php.general Date: Fri, 26 Jul 2002 00:19:02 +0200 To: [EMAIL PROTECTED] Subject: timestamp triggered only on update? Maybe the wrong forum, but im giving it a try. Im used to for instance 2 columns in each table indicating when it was created and when it was last updated: Changed_date Registered_date In mysql it seems it is only possible to define a column as a timestamp, and this will trigger both on insert and delete. Is it possible to define changed_date to trigger only on update in mysql or do i have do give the correct timestamp manually from php? Thanx -R -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to UPDATE two MySQL Tables
I have two tables: member_basic and member_detail. When a member edits their record, they can edit or add data for either table, but, the data stored in member_detail isn't required, so, they can possibly leave these fields blank. By the way, both tables would be linked by a member id. Here's my dilemma: If they do fill in any fields associated with member_detail, I have to first see whether or not there's an entry in the member_detail table already for that user (based on member id number). If not, I then have to check ALL the form fields associated with this table to see if any data was actually entered so I know whether or not to create a new record for the member in member_detail. If there is already an entry for that member in member_detail, then I can just do a standard UPDATE. Now maybe this is how it has to be done, but, I was hoping there might be an easier way to do this. It appears it's not possible to UPDATE a JOINed table during a query, which is what I was hoping. I am trying to keep the DB efficient by keeping optional data that may be left empty in another table, but, it's only making my life difficult, so, unless there's an easier way, I may just combine all the fields into one table and be done with it. Sorry for the long-winded explanation. Any suggestion are greatly appreciated! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] POSTing Form Vars as Array ??
Is it possible to pass variables from a form as an array to another PHP file? For example, I have this: input type=text name=db['email'] value=? echo $db['email']; ? When the form re-loads after being submitted (it calls itself when SUBMIT is pressed), the var $db['email'] doesn't exist anymore. Is it only possible to POST variables to a page if they are not in an array? Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP Meetup, how many of you have signed up?
so with Guinness and bread, who needs to buy a meal? :-) Ooof. I feel bloated just reading that. :) Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Quotes getting screwed up in form fields
If someone enters this into a field... New York City and I need to re-display it in the field (if an error occurred, for example), this is what's in the field... New York \ I have another multi-line text field that I used quotes in and this doesn't happen with that field, even though they are both being treated in the same manner. What am I missing? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] RTRIM() - Won't accept 2nd Param
When I issue this command to remove any commas at end of string: $query = rtrim($query, ,); PHP give me an error saying Wrong parameter count for rtrim(). How can this be? The online manual shows rtrim can accept two parameters. Shouldn't this work? I have PHP 4.0.6 installed on the server. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Encrypting Passwords - Is it really necessary??
Is it really necessary to store passwords encrypted in a mySQL DB for a membership site if you're not storing sensitive info such as credit card numbers? How much security does that offer, really, and for whom? The reason I ask is because I'm trying to implement a forgot password feature on a membership site. But if I store passwords encrypted, I can't just send the password to their e-mail address, I have to generate a new one before sending it, which essentially locks that member out of the site until they get their new password. This has the potential to be abused by a vindictive person. All they need to know is the member's username or e-mail address and they can keep re-generating new passwords (locking the member out of their own account) for a member to annoy them. If the password wasn't encrypted, I could just e-mail their existing password. The only annoyance then would be someone sending this password over and over to another user, but, at least they won't get 20 new passwords and be locked out of their account as a result. If anyone else has dealt with this issue, I'd appreciate your insight. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Vars passed via URL disappearing
I just upgraded to PHP 4.2.2 and am trying to make my sites work with
register_globals turned OFF. I notice, however, that with register_globals
turned off any variables I pass via the URL don't seem to be recognized by
the script it was passed to.
So, if I pass http://my.site.com/page.php?id=2002;, the variable id is
empty when I try to access it in page.php ...
if (!empty($id)) { do stuff...}
else { echo error; }
With register_globals OFF, the above produces the error message. With
register_globals ON, it works fine.
I thought register_globals only affected session, cookie and get type
variables? Why is PHP ignoring the variables passed via the URL?
Thanks.
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP and MySQL
Indexes Putting strings in single quotes instead of double (WHERE id = 'something') Normalized database design. - Monty From: [EMAIL PROTECTED] (Erich Kolb) Organization: RB Receivables Management, Inc. Reply-To: Erich Kolb [EMAIL PROTECTED] Newsgroups: php.general Date: Fri, 2 Aug 2002 15:13:24 -0500 To: [EMAIL PROTECTED] Subject: PHP and MySQL Is there any way to speed up MySQL queries? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Vars passed via URL disappearing
Thanks, Steve. So, does this mean I now have to re-declare all vars passed via the URL or a form POST in every script that uses them? Or is there a quicker, easier way to make use of these vars with register_globals off in a script? Thanks! From: [EMAIL PROTECTED] (Steve Edberg) Newsgroups: php.general Date: Fri, 2 Aug 2002 12:45:41 -0700 To: Monty [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [PHP] Vars passed via URL disappearing 'variables passed via the URL' = 'GET variables' -steve -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Need Help with register_globals OFF
I'm trying to use the more secure register_globals=Off setting for some simple scripts that do authentication and use sessions. But I'm ready to rip all my hair out! Can someone recommend a good article online that clearly discusses what's different when you have register_globals=Off? I've spent hours looking through the PHP site but I'm just as confused as I was before I started. I thought this setting only affected global variables, but, there are all kinds of things not working properly, like the header() function. It just won't work at all with register_globals=Off, but works just fine when I switch it back on! Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Need Help with register_globals OFF
Thanks for the tips, Justin. Sounds like a good idea.
Do you, or anyone, know if the $_POST vars stay defined even after moving on
to another page? Do I also need to unset $_POST after passing the vars each
time?
From: [EMAIL PROTECTED] (Justin French)
Newsgroups: php.general
Date: Sat, 03 Aug 2002 15:46:57 +1000
To: Monty [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: [PHP] Re: Need Help with register_globals OFF
Anyone want to share any tips on how to deal with form vars passed to a
script with register_globals turned off? Do you simply refer to them
directly with $_GET['var'] or do you initialize vars locally that contain
all the $_GET vars?
Well I usually choose to POST forms, not GET them, but yeah, I just deal
with the vars as $_POST['var'].
If I'm referencing the vars a LOT, I make regular $vars out of each element
in the POST array:
$myvar = $_POST['myvar'];
If there's a lot of them, I do it with a foreach loop... something like:
?
foreach($_POST as $key = $value)
{
$$key = $value;
}
?
...will do the trick. It achieves the same as register_globals, but only
from one source, the POST array.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: User Authentication Problem
You might get some help if you post only the code relevant to the problem with a clear explanation of the exact problem. Otherwise, I doubt anyone will bother looking through all that code you posted links to. From: [EMAIL PROTECTED] (Tony Harrison) Newsgroups: php.general Date: Sat, 3 Aug 2002 20:31:54 +0100 To: [EMAIL PROTECTED] Subject: User Authentication Problem Hi, I need to authenticate users on an included page on my website, but the problem is, I cant get it to work. view it included at http://members.lycos.co.uk/ajohnh/ (Source at http://members.lycos.co.uk/ajohnh/source/index.txt) the actual file: http://members.lycos.co.uk/ajohnh/templates/twoShea/head.php (source at http://members.lycos.co.uk/ajohnh/source/head.txt) the location of the script that sets the cookie (I hard-coded the user and password combo for user ramonezrule into it): http://members.lycos.co.uk/ajohnh/templates/twoShea/setcookie.php (source at: http://members.lycos.co.uk/ajohnh/source/setcookie.txt) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Need Help with register_globals OFF
Well, I just upgraded a number of PHP scripts to function with register_globals turned off, and now better understand what's required to work with variables more securely. I wanted to share that the extract() command turned out to be a big help. Using it meant I didn't have to put $_POST[' '] around every variable passed by a form. Instead, I put one or both of these lines of code at the beginning of scripts that use forms or receive vars passed via the URL: extract($_POST); extract($_GET); extract() creates local variables using the 'key' and 'value' from the $_POST or $_GET arrays. I even discovered it works with multidimensional arrays that may be passed by forms. In that case, if I have an array named formvar that collects all data from the form (i.e., $formvar['name'], $formvar['address'], etc.), then I use extract this way: extract($_POST['formvar']); This will create local variables named $name and $address that contain the values passed from the form. Here's where you can find more about this function: http://www.php.net/manual/en/function.extract.php One thing to remember is that if you put extract() in a custom function (which I did initially), it won't really work because the variables are created only within the scope of the function, so, as soon as it returns to the script, the vars it created are released. Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] register_argc_argv
What does this parameter do in PHP.ini, and what would happen if I turned it off? From reading the PHP site, it appears this is only useful if you use PHP from the command line, is that right? Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Checking Session Vars in Functions
I have PHP 4.2.2 with register_globals=off.
It seems like session vars stored in $_SESSION[] aren't visible to
functions. For example, this won't work for me:
$status = user_access();
function user_access() {
if ( isset($_SESSION['user']) ) { return 1; }
else { return 0; }
}
Result is that $status = 0 even though I know those session vars are set.
if ( isset($_SESSION['user']) ) {
echo Logged In;
} else {
echo Not Logged In;
}
Result for the above is Logged In even though I'm checking the same
session var. My script does include session_start(); as well.
So, is there a way I access session vars stores in $_SESSION[] from a custom
function? Thanks!
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Name of Include File breaking a Function - Strange!
I have an include file named functions.inc.php that I include in nearly
every script. For some bizarre reason, the following function inside this
file does not always work:
function user_acess() {
if ( isset($_SESSION['valid_user']) ) {
return 1;
}
return 0;
}
Most of the time it returns 0 (zero) even though I know the session variable
is set. However, if I rename the functions.inc.php file to functions.php and
make NO changes at all to the code, it suddenly works!? In fact, it seems
that if I rename the include file to anything but functions.inc.php, the
above function works as expected, returning 1 instead of 0. I tried
functions2.inc.php, funct.inc.php ... they all worked.
What the hell is going on here? How could the name of the include file
affect whether or not a function inside it will work?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Name of Include File breaking a Function - Strange!
Dan, you were right and I feel so retarded now! I found another include file of the same name in the folder with the script that wasn't working. It was driving me crazy but I didn't even think to check that. Thank you for replying! Monty. Perhaps, somewhere in your include path is another file named functions.inc.php? Perhpas another file you're mistakenly including has a function already named user_acess()? In your test script, use the function_exists() function before you define the user_acess() function to see what's going on. --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Getting information of a client
Try this: $_POST['var_name'] Monty From: [EMAIL PROTECTED] (Radio X) Newsgroups: php.general Date: Fri, 9 Aug 2002 23:38:42 -0700 To: [EMAIL PROTECTED] Subject: Re: [PHP] Re: Getting information of a client how can i get a variable posted from a form by a user whitout having register_globals set On? Nick -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How do I upgrade my version of PHP?
I've downloaded the patch file for 4.2.2 to 4.2.3 from the PHP website, but, not sure what to do with this file. I have a Linux 7.x server. Can anyone tell me how to patch my version of PHP or point me to a source that explains how this is done? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: How do I upgrade my version of PHP?
Could you explain what man patch does or is? I haven't updated using a patch before. Thanks. From: [EMAIL PROTECTED] Newsgroups: php.general Date: Wed, 11 Sep 2002 23:14:55 +0200 To: [EMAIL PROTECTED] Subject: Re: How do I upgrade my version of PHP? You should use the patch command, feel free to man patch. -- Nicos - CHAILLAN Nicolas [EMAIL PROTECTED] www.WorldAKT.com - Hébergement de sites Internet Monty [EMAIL PROTECTED] a écrit dans le message de news: [EMAIL PROTECTED] I've downloaded the patch file for 4.2.2 to 4.2.3 from the PHP website, but, not sure what to do with this file. I have a Linux 7.x server. Can anyone tell me how to patch my version of PHP or point me to a source that explains how this is done? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] All Queries TRUE even when they should be FALSE
Even though I have no record in my MySQL DB with that has 005 in the ID
field, the following statement always reverts to Record Found, or True, no
matter what ID I use. What's wrong? I'm using PHP 4.2.2. Has something
changed that makes this work differently? Thanks.
$query = SELECT id FROM member WHERE id = 005;
$connect = mysql_pconnect(localhost, dbname, password);
$result = mysql_query( $query, $connect ); // Query DB.
if ( !empty($result) ) {
echo RECORD FOUND;
} else {
echo RECORD NOT FOUND;
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] BEST Book for Learning PHP/MySQL
I'm a PHP and MySQL beginner. What's the best book I can buy that will get me started using both these technologies? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] The BEST Content Management Script?
Hi, I'm looking for a really good content management system written in PHP that's free or very little money. I looked on HotScripts.com, but, there are SO many of them! Can someone recommend one or two good ones? Thanks!! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] BEST Book for Learning PHP/MySQL
Sorry, I did a search here and found only one message with book recommendations. Where's the archive? Is it a separate newsgroup? I looked on php.net, but, only found a long list of books available, no recommendations. Monty From: [EMAIL PROTECTED] (Kurt Lieber) Reply-To: [EMAIL PROTECTED] Newsgroups: php.general Date: Mon, 3 Dec 2001 20:50:29 -0800 To: [EMAIL PROTECTED] Subject: Re: [PHP] BEST Book for Learning PHP/MySQL There's dozens upon dozens of messages in the archive about this topic, which comes up at least once per month. I believe there's also a blurb or two about PHP books on the PHP web site, php.net. Please check those resources. --kurt On Monday 03 December 2001 08:35 pm, Monty wrote: I'm a PHP and MySQL beginner. What's the best book I can buy that will get me started using both these technologies? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Text Fields - How Big Can They Be?
Hi Guys... This is indirectly related to PHP: Does anyone know the max amount of text a free-form HTML text field can handle? I noticed that for some longer articles we're storing in a content management system written with PHP, we were unable to paste the body of the article into the text field because there was too much text. When we pared the text down, it was no problem. This is bad news for a content management system! We have some longer articles, around 8-10 HTML pages, and now I have no idea how we are going to get them into the system using an HTML form. I really don't want to have to do this manually in MySQL. That would make me break down and start sobbing. Has anyone else dealt with this and found a solution? Thanks a lot! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Upgrading GD to 2.1
I've got GD 1.6 installed with PHP 4.2.2 on a Linux server. Is upgrading to GD 2.1 tricky? I'm very new to Linux and have no clue where to start or how to do it. My server is remote, so, I access it using Webmin. I've look for instructions on how to do this online, but, nothing specific enough for a Linux novice like me. Does anyone know of a good place to find out how to do this? I'm all Goggled out. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Upgrading GD to 2.1
Nofa, sorry, forgot to say Redhat Linux. What you mentioned seems pretty easy, actually. I'll give a try and keep my fingers crossed. Thanks! Monty From: [EMAIL PROTECTED] (Nofa) Reply-To: nofa [EMAIL PROTECTED] Newsgroups: php.general Date: Sat, 14 Dec 2002 20:13:20 +1300 To: [EMAIL PROTECTED] Subject: Re: Upgrading GD to 2.1 what linux are you running? Redhat? Mandrake? ifso it should just be a matter of downloading the appropriate packages and doing a 'rpm -U gd-version.rpm' as root. ( if redhat/mandrake/some other rpm managed dist ) I've got GD 1.6 installed with PHP 4.2.2 on a Linux server. Is upgrading to GD 2.1 tricky? I'm very new to Linux and have no clue where to start or how to do it. My server is remote, so, I access it using Webmin. I've look for instructions on how to do this online, but, nothing specific enough for a Linux novice like me. Does anyone know of a good place to find out how to do this? I'm all Goggled out. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Text Fields - How Big Can They Be?
HI Nofa, When you say submit the file, do mean as a TXT file via a file upload field? If so, not sure what to do with the file once it's been uploaded. Do I read the file using fopen(), then just put this into a var that can be stored in the DB? Hmmm... sounds like a good solution. Monty From: [EMAIL PROTECTED] (Nofa) Reply-To: nofa [EMAIL PROTECTED] Newsgroups: php.general Date: Sat, 14 Dec 2002 20:00:45 +1300 To: [EMAIL PROTECTED] Subject: Re: Text Fields - How Big Can They Be? Have you considered allowing them to submit the actual file? rather than all the text within. It may not be exactly what you're after, but its one way :] - Original Message - Hi Guys... This is indirectly related to PHP: Does anyone know the max amount of text a free-form HTML text field can handle? I noticed that for some longer articles we're storing in a content management system written with PHP, we were unable to paste the body of the article into the text field because there was too much text. When we pared the text down, it was no problem. This is bad news for a content management system! We have some longer articles, around 8-10 HTML pages, and now I have no idea how we are going to get them into the system using an HTML form. I really don't want to have to do this manually in MySQL. That would make me break down and start sobbing. Has anyone else dealt with this and found a solution? Thanks a lot! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Text Fields - How Big Can They Be?
Hi John, I'm using POST for the form. But it's the HTML form field itself that won't allow me to paste in a large amount of text. If I can get the field to accept the text, there's no problem sending it via POST to the PHP script. Are you behind the new PHP Architect magazine? I saw the site and will definitely be subscribing! It's a great idea. Thanks, Monty From: [EMAIL PROTECTED] (John W. Holmes) Organization: U.S. Army Reply-To: [EMAIL PROTECTED] Newsgroups: php.general Date: Sat, 14 Dec 2002 02:06:59 -0500 To: 'Monty' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] Text Fields - How Big Can They Be? Are you using GET or POST as the method of your form? GET will limit the amount of text you can submit because it appears in the URL. POST really doesn't have a limit, as far as I know. ---John W. Holmes... PHP Architect - A monthly magazine for PHP Professionals. Get your copy today. http://www.phparch.com/ -Original Message- From: Monty [mailto:[EMAIL PROTECTED]] Sent: Saturday, December 14, 2002 1:48 AM To: [EMAIL PROTECTED] Subject: [PHP] Text Fields - How Big Can They Be? Hi Guys... This is indirectly related to PHP: Does anyone know the max amount of text a free-form HTML text field can handle? I noticed that for some longer articles we're storing in a content management system written with PHP, we were unable to paste the body of the article into the text field because there was too much text. When we pared the text down, it was no problem. This is bad news for a content management system! We have some longer articles, around 8-10 HTML pages, and now I have no idea how we are going to get them into the system using an HTML form. I really don't want to have to do this manually in MySQL. That would make me break down and start sobbing. Has anyone else dealt with this and found a solution? Thanks a lot! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using mail() for mailist list app
Happy New Year everyone! Is the PHP mail() command robust enough to use in a little mailing list app? The app will basically send an HTML or Text e-mail to the member database of about 6,000 people. I'm using RedHat Linux 7.2 with PHP 4.2.2, by the way. I'm concerned I'll bog down my server if I issue the mail() command 6,000 times on our server, but, maybe it won't be a problem? Also, although I'm sending HTML e-mail, I'm not including attachments or inline graphics (only direct hotlinks to graphics on a web server). Will mail() still work okay for this, or do I need to use one of the various PHP e-mail classes available to send HTML e-mail? Any recommendations for online tutorials about building a mailing list manager using PHP would be much appreciated! Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Dreaded Return-Path and mail()
Okay, I've read just about everything on the Internet about how the change the Return-Path header in an e-mail sent using mail(), but, I STILL can't get it to work. All e-mail sent via PHP says Return-Path: [EMAIL PROTECTED] and Received: (from nobody@localhost). I have a Red Hat Linux 7.2 server running PHP 4.2.2. I've tried the following and none of them worked: + I put the following in my Apache httpd.conf file: php_admin_value sendmail_path /usr/bin/sendmail -t -i -f [EMAIL PROTECTED] I also tried this without -t and -i. None of them worked. I did remember to re-start Apache each time so the settings took effect. + I tried adding -f [EMAIL PROTECTED] as the fifth parameter for the mail() command, but, that didn't make a difference either. Actually, as I have other items for the fifth header parameter, I wasn't sure where the above command should be placed. I tried at the beginning and end of other header info I was placing, but, nothing seemed to work. + I added nobody to Sendmail's trusted users. No difference. Is there anything else I can try? I want to avoid changing this in the PHP.ini file because I don't want e-mail from all domains to look like it is coming from a single domain, if possible. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Regex for Browser Versions
Maybe it might be easier to just use the get_browser() function:
http://www.php.net/manual/en/function.get-browser.php
Monty
From: [EMAIL PROTECTED] (Gerard Samuel)
Newsgroups: php.general
Date: Thu, 05 Jun 2003 14:00:23 -0400
To: [EMAIL PROTECTED]
Subject: Regex for Browser Versions
Im trying to pull the Mozilla version and *possibly* the MSIE x.xx
string out $_SERVER['HTTP_USER_AGENT']
If I did this correctly, (MSIE\s\d\.\d{1,2})? should mean that if its
there pull it out, else move on, since its not there.
When viewing this script via a windows browser, it doesn't match the
MSIE section. If I take out the trailing ?, it will match successfully.
But when viewing it with a mozilla browser, the regex fails as there is
not MSIE string in there.
Any help with this would be appreciated.
Thanks
?php
var_dump($_SERVER['HTTP_USER_AGENT']);
echo 'p';
preg_match('/^(Mozilla\/\d\.\d{1,2}|Opera\/\d\.\d{1,2})\s\(.*?(MSIE\s\d\.\d{1,
2})?.*?\)(\sOpera)?/',
$_SERVER['HTTP_USER_AGENT'], $foo);
var_dump($foo);
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Where to start?
Knowing any kind of programming language will help in learning PHP. If you understand variables, arrays, if/else structures, etc., it allows you to skim over some of the basics quickly. I had very little programming experience, but, learned a lot from the book PHP and MySQL Web Development by Luke Wellington and Laura Thomson. This was a about 2 years ago, though, and if they haven't come out with an update, then it's probably a little too outdated by now. Also, I learned LOTS from a number of guys on this newsgroup who generously offer their advice and wisdom. The sites that a few others mentioned are also helpful. Once you start programming, ALWAYS check out the online PHP help on php.net. It's really excellent and is chock full of input from users who offer sample scripts and solutions for all kinds of things. It's the best resource anywhere. I also get PHP Architect (phparch.com), a PDF publication that has some good and helpful stuff in it. As you can see, there are lots of online resources for PHP and MySQL. Monty From: [EMAIL PROTECTED] (Simon Thurtle) Organization: Mainlink Reply-To: Simon Thurtle [EMAIL PROTECTED] Newsgroups: php.general Date: Thu, 5 Jun 2003 13:36:14 +0100 To: [EMAIL PROTECTED] Subject: Where to start? Hi all, I am looking into learning PHP, I have a good understanding of HTML, JS and I know a little Perl. Firstly I know PHP is all server side and so a damn sight different from the above, but will they help me at all? Secondly where do I start? Are there any good on-line resources and or books that anyone knows? I am plannig to develop an E-comm solution us Oscommerce, does anyone know if this is any good or is naff? Any hints, tips or pointers would be greatly appreciated. Thanks, Simon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Gracefully dealing with Cookies OFF
both the cookie and URL based session passed over without SSL is insecure. i'd love to know who told you otherwise. I can't remember the exact sites now, but, the issue was about how much easier it is to spoof Sessions when IDs are passed via the URL as opposed to being stored in a cookie. perhaps now is the time to re-think all this stuff, decide if you are going to support everyone (which i would for any paying client with a wide target market), or skip over those who don't meet your definition of a web visitor. After your indepth response, I've re-thought my re-thinking and have gone back to wanting to support all users whether or not they have cookies turned on. And, miraculously, I've already got it working, so, thanks for your detailed reply. But going back to the first point, if I'm passing Session IDs via the URL, shouldn't I be doing something more to make the site a little more secure? I don't store sensitive data in sessions vars, but, if it allows a non-paying member to hijack a paying member's session, then this is going to be a problem. But I'm not sure what more I can do to make the session a little more secure and less likely that someone will hijack it. SSL is a little overkill for this, as this isn't a bank or financial institution, it's just a little community website. The log-in for the site is fairly simple: After verifying the username and password against what's stored in the DB, it sets up a few session vars with that member's access level and a few other preferences. This is so I don't have to continually query the DB for this info on every page. Is there anything more I can do to make it harder to spoof sessions? just to throw another spanner into it all, what happens if I have JS off? will I still be able to access the content of the pop-ups? i bet not :) Well, I have to draw the line somewhere. Javascript is used throughout this site for simple things like resizable popups. I'm not willing to dumb it down that much. Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: session_start questions.
Sessions seem like voodoo at first, but, once you understand what's really going on, it's actually not that complicated. Here are some links to check out: http://www.zend.com/zend/spotlight/sessionauth7may.php http://www.free2code.net/tutorials/programming/php/4/sessions.php http://www.devshed.com/Server_Side/PHP/Sessions http://www.phpbuilder.com/columns/index.php3?cat=6subcat=36 Sessions are tracked by your server in little text files with names like sess-ac765JB84Ept932KCc9w0L9374. Each user to your site has a custom session set up for them when you issue a session_start() in PHP. The name of this session file is either stored in a Cookie (if the user has cookies enabled) or is passed from page to page on the URL (which makes the URLS long and ugly). Using PHP's built in session functions, you can store data in those server session files just by setting variables within the $_SESSION[] array, like this: session_start(); $_SESSION['username'] = 'Bob'; $_SESSION['accesslevel'] = 2; Because the session file follows the user around from page to page, you can access the above data within your PHP scripts at any time... session_start(); echo Hi there .$_SESSION['username']., welcome back!; That's a very brief overview. The above links provide better explanations. Monty From: [EMAIL PROTECTED] (Daniel J. Rychlik) Newsgroups: php.general Date: Thu, 5 Jun 2003 16:19:04 -0500 To: [EMAIL PROTECTED] Subject: session_start questions. Questions, Questions, Questions. Where do I start in understanding how this function works. Ive read the document multiple times, and I am having a bit of trouble figuring out how this function works. I know that you can take session data and hold it somewhere for a user and use that data throughout php web pages. I am wandering, where is this data held and how to do you reference it ? Is their a more detailed explanantion of session's ? If their is not, once I get this, I will write one for people like me. You know, Sessions for Dummies ;o) Never the less, how do you set a session name for a specific user and hold that data for processing? Is this magic from somewhere or do you specifically name a session for every user ? What about security implications ? I will be running all my forms through secured protocol so hopefully their wont be any hijacking going on... Sorry for being a pain. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: using a for loop but it is not working how come
I am having a problem with this script It pulls a list of numbers from
one field in the database (the numbers are in this format
(275,277,278,276) It needs to pull each number and run it through the
function dofunction and then move on to the next one in tell there are
no more to process. What am I doing wrong or is there a better way to
do this.
sql=Select Numbers from dom where name = '$name';
$results=safe_query($sql);
$DBRow = mysql_fetch_array($results);
$numbers = $DBRow[Numbers];
$numbers = array($numbers);
for($i = 0; $i count($numbers); $i++) {
$number = $numbers[$i];
dofunction($number);
}
You have a few problems in your code. This hasn't been tested, but, is a
start...
sql=Select Numbers from dom where name = '$name';
$results=safe_query($sql);
$DBRow = mysql_fetch_array($results);
$number_array = explode(,, $DBRow[Numbers]);
// above splits number list into array using comma as delimiter
foreach($number_array as $digit) {
dofunction($digit);
}
Above foreach() construct loops through the array and assigns the value of
each element to $digit, and continues doing this until it reaches the end of
the array.
http://www.php.net/manual/en/control-structures.foreach.php
http://www.php.net/manual/en/function.explode.php
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Best Approach for defining User Access Levels
Hi. I've set up a membership site that has different levels of users. Each member's DB record has a user_status field that has a number from 1-9, 9 being the highest (Admin) level of access. This has worked okay, but, I'm finding this system of granting access too limiting, and need finer control over who has access to what. Does anyone know of a better system for granting access to groups of users that isn't too complicated but is flexible enough to add or remove access to whole groups of users? I'm trying to not reinvent the wheel here if possible. Thanks for any suggestions! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Opening a Dynamic Pop Up Window
This should be fairly easy. It sounds like the script you are using is
opening only the image in a new window, and not a page that loads the image
in a new window.
Just add some Javascript to the links around your thumbnails, like this:
a href=javascript:window.open('show_photo.php?img=image.jpg');
Then you need to create a script called show_photo.php that takes the img
var passed by the Javascript above and loads that image onto the page.
$image = $_GET['img'];
echo img src='$image' border=0;
Hope that helps.
Monty
From: [EMAIL PROTECTED] (Jeffrey L. Fitzgerald)
Newsgroups: php.general
Date: Thu, 29 May 2003 14:28:11 -0400
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Opening a Dynamic Pop Up Window
Help! :-)
Have a need for a pop up window to show images when the thumbnail is
clicked. But the script I found only shows the image and no background,
etc. I want to be able to have the pop up open and then send it a php
created dynamic page with the proper html and image.
In perl I know how to do this, by calling a perl script, sending the
filename variable and returning with a generated page. But I am not as
familiar with PHP. Here is the script I found:
http://www.ciarasprettygoodpictures.com/gallery.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Using Cookies Securely
I see some posts here that say storing a username or encrypted password in a cookie is not secure. If so, then what's a more secure way to allow users to be remembered using a cookie so that they don't have to log in every time they come to the site? What do you store in the cookie to authenticate against? Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: 3 entries going into 1 field
I'll add to what the others have already said. As was already mentioned, you need to create three dropdown fields for the birthdate: year, month and day. I do this by setting up arrays for each field that offers valid date choices. $year[2000] = 2000; $year[2001] = 2001; $year[2002] = 2002; etc... $month['January'] = 01; $month['February'] = 02; $month['March'] = 03; etc... $day[1] = 01; $day[2] = 02; $day[3] = 03; etc... I use these arrays with a simple function to set up the dropdown form elements that stores the selected results in another array: $realdate. When the form is submitted, I simply stitch the date together into a valid MySQL DateTime format of -MM-DD using the values stored in the $realdate variable... $realdate['year'].-.$realdate['month'].-.$realdate['day']; This would insert the date as: 2003-05-21 Monty From: [EMAIL PROTECTED] (Vicky) Newsgroups: php.general Date: Sat, 31 May 2003 15:05:43 +0100 To: PHP List [EMAIL PROTECTED] Subject: 3 entries going into 1 field Hi, I have a registration form, but I would like to add a Date of Birth section. Now, because of the different formats of writing it I want to have 3 seperate drop down boxes, Date, Month and Year. However, I then want those 3 dropdowns to go into one field in a mySQL database, in DD/MM/ format. How can I acheive this, in simple language as I'm a newbie to this stuff ^_~ Thanks! Vicky -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Cookies and Sessions: What's the Best Recipe?
I have a member site that uses sessions. People who have their browser cookies turned off, however, cannot use our site. I read somewhere that to avoid this, I'd have to manually append the PHPSESSID var to every URL when redirecting in a script. Is this really the best or only way to avoid this problem? Or, is it simply unavoidable? Right now, I tell users that the site will only work with browsers that have cookies turned on, but, I'd rather the site was accessible to all. However, I also don't like passing session IDs via the URL because of the security risk. Any suggestions?? Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: regex problem
I don't understand what it is you're trying to accomplish, so, it's hard to
offer a solution. If you just want to verify whether or not a variable
contains numeric data, why not just use the is_numeric() function:
http://us4.php.net/manual/en/function.is-numeric.php
preg_match() will return TRUE if it finds the pattern ANYWHERE in the
string, so, that's why asdf789 passes the test because it contains digits,
whereas 'asdf' won't pass the test because the numbers 0-9 can't be found
anywhere in that string.
If you want the entire string to be tested for digits, you need to add the
length of the string to the regex pattern:
$length = strlen($data);
preg_match([0-9]{$length}, $data);
Monty
From: [EMAIL PROTECTED] (Daniel J. Rychlik)
Newsgroups: php.general
Date: Sat, 31 May 2003 13:46:44 -0500
To: [EMAIL PROTECTED]
Subject: regex problem
Hello,,
I have a preg_match issue matching numbers. I am currently using
!preg_match ('/([0-9\-\.\#:])/', $_POST['nums1']
throw error[]
This fails if you use something like ' asdf ' but if you use ' asdf789 ' it
passes false and does not throw an error.
This is not the obvious solution I know its a problem in my regular
expression. Should I ONLY be using
' /([0-9])/ ' , ?
Thanks in advance.
Daniel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies and Sessions: What's the Best Recipe?
I have a member site that uses sessions. People who have their browser
cookies turned off, however, cannot use our site. I read somewhere that to
avoid this, I'd have to manually append the PHPSESSID var to every URL when
redirecting in a script.
One way around this would be to write a simple wrapper function which does
this for you automatically:
?
// UNTESTED
function redirectWithSession($location)
{
$sid = session_id();
$sname = session_name();
header(Location: {$location}?{$sname}={$sid});
}
?
Then (after testing the above code thoroughly) you just need to do a batch
search and replace on your whole site source for 'header(Location: ' with
'redirectWithSession(', and everything should be cool I think. Please
test all thoroughly :)
Justin, I took your suggestion and tried out the above on some test files. I
made some slight mods, but, it works perfectly. The only thing I don't like
about this solution is that the session ID is appended to the end of the URL
for everyone, even if they have cookies enabled. (I have trans-sid enabled).
Is there any reliable way to avoid this, or is this just a small side-effect
of making the site accessible to all?
Thanks!
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to remove empty Session Var from URL
I noticed that for users with cookies turned off, once they log out (in which I unset and destroy all session vars) and are returned to the Log-in page, all of my links have an empty PHPSESSID= tag at the end like this: a href=help.php?PHPSESSID= This prevents someone from logging in again immediately unless they first leave the site then come back to clear the empty PHPSESSID var from all the URLS. How can I make this stop? Thanks Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Cookies and Sessions: What's the Best Recipe?
Guys, that's exactly what the SID predefined constant is for -- it's defined
only when a session is active, and it has the value
sessionname=sessionid (e.g. PHPSESSID=1afd764ecb938274) if and only if
the session id was passed in the URL -- otherwise it contains the empty
string. So you can safely do:
header(Location: {$location}?.SID);
The SID constant var is a good idea! I didn't realize this existed. Taking
what Justin originally suggested, I've now modified the myHeader() function
to only append the SID if it exists (else, it returns the $location var as
it was passed). It also checks to see whether there is a ? in the $location
var. If so, it will append the SID using a , otherwise it will append the
SID with a ?.
I haven't tested this yet, but, if anyone has any other suggestions or
recommendations, please post them.
function myHeader($location) {
if (SID) {
if (strstr($location, '?')) {
header(Location: {$location}.SID);
} else {
header(Location: {$location}?.SID);
}
} else {
return $location;
}
return;
}
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: determine action of a form dynamically?
Hi, I want action of a form to be PHP_SELF untill user presses continue button. If continue button is pressed than next.php should be the action of the form. how to do this? Thanks in advance, Mukta I'm not sure why it's necessary to do this, but, not sure it can be done. Maybe with Javascript and an onClick= command inside the input button tag or an onSubmit= inside the form tag. Do you simply want to hide the name of the file that the form will go to once a button is clicked? If so, you need an in-between script that the form uses to determine where to send the user. So instead of sending them to PHP_SELF or next.php, use something like goto.php, which can determine where to send the user next, and then redirects the user using the header() function. Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Migration from register_globals=on to register_globals=off
If you're getting errors for undefined variables, you can reduce the level
of error reporting in PHP.ini so it only does so for more serious errors. I
had a similar problem and this cleared things up. See the PHP manual...
http://www.php.net/manual/en/ref.errorfunc.php#ini.error-reporting
Also, I don't recommend using the extract($_POST) command as a way around
register_globals being off, it kind of defeats the purpose. Better to grab
only those variables you need like this:
$formvals = $_POST['my_formvals'];
I put all form values into an array so I only have to grab one POST
variable. It makes it a little easier. Also be sure to clean the data with
some kind of function that uses strip_tags() and similar functions.
Monty
From: [EMAIL PROTECTED] (ØYstein HåLand)
Newsgroups: php.general
Date: Tue, 3 Jun 2003 18:44:30 +0200
To: [EMAIL PROTECTED]
Subject: Re: Migration from register_globals=on to register_globals=off
I tried changing my code to (since the variable $printout in this case is
sent with GET)
($_GET['printout'] != yeah) { include(header.php); }
and got the following error:
Undefined index: printout
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Gracefully dealing with Cookies OFF
I've decided to require that members for a site need to have cookies enabled in their browsers to sign-up and use the site. Is there a graceful way to deal with this when users who have cookies off try to sign-up or log-in to the site? Thanks, Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Gracefully dealing with Cookies OFF
Hi Justin, I hear what you're saying about refusing people without cookies turned off, and I really tried to make it work on my site, but, keep running into lots of problems. I do have enable-trans-sid turned on, but, get inconsistent results. For example, when someone logs out I return them to the log-in page. Even though I've deleted all sessions vars and destroyed the session before redirecting them, I noticed that the login page is full of PHPSESSID= tags that are sometimes empty and sometimes filled with a session ID. This happens whether or not I use session_start() at the beginning of my login script. As a result, it totally screws up the log-in process. I was seeing instances where it was appending two different PHPSESSIDs to the URL! And then there are things like header redirects (which you had a good solution for) and javascript popups. Those are ignored by enable-trans-sid, so, it means I have to go through all my scripts (there are many) and tweak them to pass the SID to every URL. The reason I decided against doing all this tweaking was because while researching this online, I read many statements by developers saying that passing Session IDs via the URL is more of a security risk than allowing this to be done via cookies. As the site I'm working on will be a pay membership site, it seems like a good idea to require cookies. I realize I may be turning people away, which would also be the case for those using ancient browsers. But, I don't have the level of programming expertise or resources of companies like Amazon and MSN who probably have very robust security systems in place even though they are passing sessions via the URL. I do appreciate your comments and insight on this, it makes me keep thinking: should I? could I? I'd be interested in hearing how others have dealt with requiring users to have cookies turned on for sessions, or not. Monty From: [EMAIL PROTECTED] (Justin French) Newsgroups: php.general Date: Wed, 04 Jun 2003 19:23:11 +1100 To: Monty [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [PHP] Gracefully dealing with Cookies OFF Why on earth would you refuse users without cookies?? Take a look at all the major websites (amazon msn for starters). Do they require cookies? No. Do they require JavaScript? No. Do they require anything else special on the site? No. They take advantage of technology where available (DHTML and CSS for example), but the basic guts of the site can function without any of it, to the best of my knowledge. Instead, you choose to defy what every major site is doing, and require cookies. Cookies are not available to a wide number of users: - those in corporations where the IT dept. has disabled them - those accessing the 'net from any public computer: - libraries - airports - internet cafe's - those who choose to have a more secure, private web experience - those who don't understand the technology Doesn't make sense to me at all, but as long as you properly inform the client of your choice to ignore a large portion of users, then I guess it's your (and their) choice. PHP actually has a nice degradation of sessions built in. If you compile PHP with enable-trans-sid (compiled by default on PHP = 4.3 I *think*), PHP will: 1. use cookies wherever possible, OR 2. rewrite* all relative URLs/links in your pages to include the session id, where cookies are not available * in practice, it doesn't handle javascript or other client side scripting that well from memory. Even with enable-trans-sid not compiled, you can manually append the session id to all your URLs with the pre defined constant SID. This is just my point of view, but I don't believe you have any excuse for not allowing non-cookie users to join in the fun, and CERTAINLY not without informing the client of your decision. To manually test for cookies, know that you're testing, then let the user know that you don't want their business/traffic is more work than just letting PHP handle it with enable-trans-sid. Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Sessions Timing Out Too Often
I'm finding that my sessions seem to be timing out fairly quickly. For example, in a little forum I wrote with PHP, people are telling me that if they type a long message and click Submit, they are taken to the Login page because their session obviously timed out, and they loose their posts in the forum. I do have a remember me feature that uses a cookie, but, not all visitors are using it, and they are the ones experiencing this problem. Is there a way to extend session time, and is that the best way to reduce this problem from happening to most members? Thanks! Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Garbage at beginning of uploaded Text File
I have a form that allows someone to upload a text file, the contents of which will be inserted into the database. When I fread() the file, there is some garbage at the beginning and end of the text. Here's what the text looks like: This is the sentence of text. Here's what it looks like after uploaded and fread(): *ch?d?m This is the sentence of text.SORT~ The text file being uploaded is a BBedit file, which should be a plain text file. I'm not sure where this garbage is coming, and if there's an easy way to remove it before I put this into the Database. I searched the PHP help files for an hour and searched here, and couldn't find anything related. I'm using PHP 4.2.3 on a Redhat Linux server. Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Garbage at beginning of uploaded Text File
Are you using Apache2? IIRC, there was a bug where data would get added to the POST data, or something along those lines... What if you just look at the file with a regular text editor? Do you see that data there after it's uploaded and written to the server, or does it just appear into the data when it's fread()? ---John W. Holmes... John, when I open the file in a text editor I don't see the garbage, just the text. I have Apache 1.3.22 on my server. I'm not writing the contents to a file once uploaded to the server because I want to store it in a database field. The garbage is added to the DB just as it appears when I echo the variable to the screen after the file has been uploaded. Also, I'm doing the fread() on the tmp_name after the file is uploaded, because I don't need the file once I read the contents into a variable. I was wondering if changing the enctype parameter in the form tag would make a difference (but I don't know what to change it to). Currently it's set to multipart/form-data. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] All Code Executing Even After header() Redirect
At the top of every page in my site I have a snippet of code that
authenticates the user by checking for valid SESSION vars and their
contents. If they don't, they are redirected with a header() statement to a
log-in page like this:
include_once(function_library.php);
session_start();
if (!LoggedIn()) { // If not logged in, take to Login page.
header(Location: /login.php);
}
LogAccess($_SESSION['user']); // This function logs user's access.
I noticed that the LogAccess() function I have after the header() redirect
is executing, even if the user is not logged in and is redirected to the
Log-In page. I did confirm that the LoggedIn() custom function is working
properly and returning the right value.
I thought the code below the header() redirect would not actually be
executed unless the user was logged in and allowed to proceed. Is this how
PHP is supposed to work? Is there any way to prevent the script from
executing below a certain point if the user is not logged in?
Thanks,
Monty
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Run db query with db query?
What is the code for the inner query? Hard to advise you based on the small
bit of code you posted.
Are you using the same $result var for both queries? If so, that's why. Just
run two separate queries stored in to different result vars. I do this all
the time with no problems.
From: [EMAIL PROTECTED] (Cf High)
Newsgroups: php.general
Date: Mon, 3 Mar 2003 16:45:52 -0800
To: [EMAIL PROTECTED]
Subject: Run db query with db query?
Hey all.
Got a problem here:
1) I have a page that queries our db for info
2) Based on the # of rows returned I loop through to create a set of
formfields for each customer
3) Within this loop I run another query to retrieve option elements for
a particular category
The problem is that the inner query is overwriting the result resource for
the outer query. So:
while ($q = mysql_fetch_row($result)) {
build form tables for each client and run inner query
html stuff
/* Calls db query to populate particular option category */
write_select_options($tables,$form_fields,$where_clause);
}
What's the conventional method for running queries within queries?
Any leads most appreciated,
--Noah
--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: functions and a href
You can't call a PHP function directly from an HTML tag. You'll instead need
to do something like this:
a href='/logout.php'
Then create a logout.php file that has your logout code.
From: [EMAIL PROTECTED] (Martin Johansson)
Newsgroups: php.general
Date: Mon, 3 Mar 2003 23:32:16 +0100
To: [EMAIL PROTECTED]
Subject: Re: functions and a href
Ok to make it simplier, this is what I wanna do!
?php
echo a href=logout();Logout/A;
function logout()
{
.
}
?
How do I do it!!!
/M
Hi
I want to call a function logout() inside an a href statement:
a href=\?= logout() ?\logout/a
?php
function logout()
{
}
?
but this doesnt work.. how shall I do it
/M
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Launching a Browser Win with PHP - Is it possible?
For a form that allows people to upload image files to the server, I'd like to pop open a small browser window with an Uploading... message once someone clicks on Submit button. Then I'd like the window to automatically close once the process is done and the main browser window refreshes. Can this be done with PHP or should I be using Javascript? If there are any examples of how to do this online, I'd appreciate the URL. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Checking File Size BEFORE Uploading
If someone uploads a file via an HTML form, is there a way to check the file size before it's uploaded to the server? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re-populating File field in form - won't work??
I have a few File input fields in a form so people can upload images. If there's an error with the form, I want to re-populate the fields with the values the user filled in. This works for all the fields except the File fields. When I check the HTML output to the browser, I do see that the value parameter (value=filename.jpg) is set for the File field, however, when viewing the form the field appears blank. Also, if you leave it blank and click Submit, I get an error stating it was empty, so, clearly the File field is blank and not showing the default value that has been set. Is this my browser (IE 5.5 on Mac) or does a File field not accept default values?? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Pass vars in URL
There are two ways to do this. The easy way is to simply load any vars
passed via the URL or from a form as local vars in each script. So, I have
the following at the beginning of every script:
extract($_GET); // load vars passed via URL into local vars.
extract($_POST); // load vars passed via Forms into local vars.
If I pass ...?param=1 via the URL, then the extract($_GET) function will
automatically create a local var of the same name: $param
Or, you can access each variable directly. Say you pass the following via
the url:
www.site.com/page.html?param=1
In your script you can access the param var this way:
$_GET('param')
It's a pain to rejig all your scripts to work this new way, but, the
security benefits are worth it. Have a look here for more details...
http://www.php.net/manual/en/language.variables.predefined.php
http://www.php.net/manual/en/function.extract.php
Monty
From: [EMAIL PROTECTED] (Gary)
Newsgroups: php.general
Date: Mon, 14 Oct 2002 15:07:21 -0400
To: [EMAIL PROTECTED]
Subject: Pass vars in URL
Hello,
My host has upgraded to 4.2 but still uses the old ini setting. I am
trying to rewrite my scripts so when the day comes for my host to make
the change I will be ready. Everything has been going well till now. I
have been passing an id through a url string. Now when I try to pass the
id it show up in the url but does nothing. If i check if it is
set, it is not. IT is supposed to pass the id number to mysql on the
linked page. I there something I am missing some new way or do I need to
turn on something in the ini?
TIA
gary
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Checking File Size BEFORE Uploading
Hi John, yes, unfortunately setting the MAX_FILE_SIZE field only works once the files have been uploaded. Thanks for the reply! From: [EMAIL PROTECTED] (John W. Holmes) Organization: U.S. Army Reply-To: [EMAIL PROTECTED] Newsgroups: php.general Date: Mon, 14 Oct 2002 16:10:48 -0400 To: 'Monty' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [PHP] Checking File Size BEFORE Uploading You can set the MAX_FILE_SIZE in the hidden element of your form, but I don't think that stops the form from being submitted if the file size is too large. Basically, the file has to be uploaded before you can tell what size it is. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Checking File Size BEFORE Uploading
Nicos, the problem is that MAX_FILE_SIZE doesn't check the file size before it's uploaded to the server, it only works afterwards. So, you have to first wait for the file to upload before you know whether or not it's too large. Thanks. Hi, The way is : form enctype=multipart/form-data action=_URL_ method=post input type=hidden name=MAX_FILE_SIZE value=1000 Send this file: input name=userfile type=file input type=submit value=Send File /form See the MAX_FILE_SIZE hidden BEFORE the userfile's type. See also: http://www.php.net/manual/sk/features.file-upload.php -- Nicos - CHAILLAN Nicolas [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How many is too many?
This is a more general server question: I know that having a large number of files in one folder can slow down a web server, but, how many would it take for this to be a problem? Wondering if I should store all articles for a content site in one big 'articles' folder with each article having it's own folder within (/articles/article_id/), or if I should organize them by year then article name (/articles/2002/article_id). The site will only produce a few hundred articles a year. I'd like the keep the file structure shallow and simple if possible, but, if it could potentially slow the server down by putting so many folder in one I'll split them up more. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] extract($_POST)
I'm devastated to hear that extract($_POST) or extract($_GET) are security
risks because that's the method I went with for a bunch of scripts I'm
writing now. But I don't understand how this...
$admin = $_POST['admin'];
... is more secure? Isn't the security risk that they can hijack your var
data? If so, I don't see how the above would make it possible to know
whether the data in $_POST isn't coming from your own scripts. Especially
for forms where it's not really efficient to validate every possibility for
a field, such as a Country field.
But maybe I'm missing the point, and if so I'd like to understand so I can
make my scripts more secure when passing data. It seems like I will need to
basically re-define every form field and GET variable at the beginning of
each script literally.
Monty
From: [EMAIL PROTECTED] (Mike Ford)
Newsgroups: php.general
Date: Thu, 24 Oct 2002 18:41:04 +0100
To: '1LT John W. Holmes' [EMAIL PROTECTED], Rick Emery
[EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: RE: [PHP] extract($_POST)
-Original Message-
From: 1LT John W. Holmes [mailto:holmes072000;charter.net]
Sent: 23 October 2002 19:51
Say you have something like this:
if($_POST['name'] == John)
{ $admin = TRUE; }
if($admin)
{ show_sensitive_data(); }
Now, if you're using extract(), I can send $admin through the
post data and
you'll extract it into your script. That's where the security
flaw lies, but
the flaw is in the programming, not PHP.
You can have a secure example by doing this:
$admin = FALSE;
if($_POST['name'] == John)
{ $admin = TRUE; }
Or just $admin = $_POST['name']==John;
Actually, I'd also collapse this into the subsequent if, and write it like
this:
if ($admin = $_POST['name']==John):
show_sensitive_data();
endif;
I love languages where assignments are expressions!
Cheers!
Mike
-
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How many is too many?
I'm storing the article text and details in a database, but, all the assets (these articles have lots of photos) need to be organized into folders. So logically I want to create a folder for each article using the article ID number. But I want to be sure if I have within the Article folder about 700 other folders that contain all the assets for every article that that won't slow down the server. This site will not be visited by millions necessarily, but, I still want to be sure I'm setting up the file system as efficiently as possible. Thanks! From: [EMAIL PROTECTED] (Leif K-Brooks) Newsgroups: php.general Date: Fri, 25 Oct 2002 00:55:48 -0400 To: Monty [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [PHP] How many is too many? Why not store them in a database with one php script selecting them? Monty wrote: This is a more general server question: I know that having a large number of files in one folder can slow down a web server, but, how many would it take for this to be a problem? Wondering if I should store all articles for a content site in one big 'articles' folder with each article having it's own folder within (/articles/article_id/), or if I should organize them by year then article name (/articles/2002/article_id). The site will only produce a few hundred articles a year. I'd like the keep the file structure shallow and simple if possible, but, if it could potentially slow the server down by putting so many folder in one I'll split them up more. Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mkdir and directory permissions
Hi Jason, I have a follow-up question about mkdir. If the files created by mkdir are owned by 'nobody', does that create a security risk for those files? If so, how does one get around accepting files via an upload form that are assigned to a user other than 'nobody'? Monty -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] extract($_POST)
Okay, I really want to understand how to make $_GET and $_POST more secure because it means changing a fundamental way my scripts are now working. So, it sounds like what I need to do in order to make form data more secure is something like this... $isAdmin = $_POST['isAdmin']; $myName = $_POST['myName']; $myPrefs = $_GET['myPrefs']; Instead of this... extract($_POST); extract($_GET); Is this correct?? Now, I can see how this will prevent a cracker from flooding a script with invalid variables that are all extracted into local vars, but, I don't see how this will prevent someone from hijacking the vars and inserting their own data. Validating that kind of attack seems almost impossible to do especially for things like forms that collect contact info. I really don't want to have to validate every field for every legal possibility (especially fields like Country). I've read here that HTTP_REFERER is unreliable and can be easily spoofed, but, is there a more reliable way to know where the $_POST and $_GET data is coming from? Perhaps by IP of my server, or using $_SERVER['SERVER_NAME']? Is there any superglobal variable that would be unique to my web server that CANNOT be spoofed or easily changed by a cracker that I can use as a check to be sure the data is being submitted from a form on my site on not from someone else's site? Thanks a lot, guys! Monty From: [EMAIL PROTECTED] (Paul Nicholson) Organization: WebPower Design Newsgroups: php.general Date: Fri, 25 Oct 2002 13:06:10 -0400 To: Johnson, Kirk [EMAIL PROTECTED], PHP General [EMAIL PROTECTED] Subject: Re: [PHP] extract($_POST) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 25 October 2002 11:23 am, Johnson, Kirk wrote: And what should these precautions be? If a malicious user can submit his own form and you are looking for a POST variable, how can you ensure that $admin came from your form and not that user's? The problem is when a cracker uses form variables in an attempt to set the values of flag variables kept only in the session, for example, $isAdmin. As far as the form variables *you* put in your form, it doesn't matter whether the user submits your form or a form they made themselves. Those form variables are just data you are trying to collect. With register_globals on, PHP takes *all* variables (GET, POST, COOKIE) received from the client and assigns them to global variables. So if the user posts a value for $isAdmin, she can give herself admin privileges. The key is to retrieve *only* the form variables *you* put in the form from the the $_POST array. So don't write a loop and grab *everything* from that array. Kirk Exactly! Not only should you retrieve *only* the vars you need from POST, you should also filter them to make sure they contain what you're looking for.is_alpha($_POST['name']). And no, php doesn't have an 'is_alpha' functionI created that as part of a filtering class. ~Paul - -- ~Paul Nicholson Design Specialist @ WebPower Design The webthe way you want it! [EMAIL PROTECTED] It said uses Windows 98 or better, so I loaded Linux! Registered Linux User #183202 using Register Linux System # 81891 -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9uXoKDyXNIUN3+UQRAkugAJ0aftPjxhmV0tSk125UZSTCuWp47QCfaKJ7 z5+ja1P4NtWUwVMCMsFVt2M= =UG2o -END PGP SIGNATURE- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: mysql_fetch_row options
I use the following function to do this...
function countRecords($query, $dbcon=0) {
if ($dbcon==0) { $ dbcon = connDbase(); }
$query = SELECT COUNT(*) .$query;
$res = mysql_query($query, $ dbcon); // Query DB.
return mysql_result($res, 0, count(*));
}
Here's how it's used:
$count = countRecords(FROM mydb WHERE id = 1001);
All I have to do is provide the query starting with FROM as the function
creates the SELECT COUNT(*) part. Also, the optional second parameter is to
pass the database connection resource ID to the function if I've already
established one before calling this function. This prevents the function
from having to establish a second DB connection for the count. If the second
param is left empty then a DB connection will be made using another
function: connDbase().
$count will contain the number of records that match the query and only
requires me to type one line of code.
Monty
From: [EMAIL PROTECTED] (James Taylor)
Newsgroups: php.general
Date: Sat, 26 Oct 2002 03:23:23 -0700
To: [EMAIL PROTECTED]
Subject: mysql_fetch_row options
There's got to be a better way to go about this: I am constantly doing mysql
queries where I am doing
a count(), so a sample query would be like this: select count(*) from
database. I'm expecting only
ONE value back exactly, and that's the count results. However, to get this
data into a variable, i'm
having to write code like this:
$result = mysql_query(select count(*) from database, $db);
$myrow = mysql_fetch_row($result);
$staticvar += $myrow[0];
$staticvar will never be an array, it's just a simple variable storing a
number. I *could* do it like this:
$result = mysql_query(select * from database, $db);
$staticvar += mysql_num_rows($result);
However, the mysql query will be much, much slower if I do it like this.
Basically, what I'm asking, is how to do something like:
$staticvar += mysql_fetch_row($result);
I want to eliminate step two, and I don't want to involve any temporary
arrays when there's always just one
value. Any suggestions? Thanks a bunch!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
